Dealing with incidents Course

52 minutes


Incident response overview

Video - 00:03:00

Responding to incidents in a timely and effective manner is the result of proactive planning with defined roles and responsibilities.
Incident response plans (IRPs)

Video - 00:06:00

An IRP provides guidance on how security incidents are dealt with effectively while they are occurring. The IRP includes roles, responsibilities, a contact list and escalation procedures. IRPs should be updated periodically through lessons learned from past incidents.
IRP testing

Video - 00:06:00

In this episode we will learn about IRP testing.
Threat analysis and mitigating actions

Video - 00:08:00

Stepping through how attackers manage to compromise a system or exfiltrate data helps harden environments to prevent future incidents. This episode covers the Cyber Kill Chain, the Mitre ATT&CK Framework, the Diamond Model of Intrusion Analysis, and how Security Orchestration, Automation, and Response (SOAR) tools can reduce incident response time.
Digital forensics

Video - 00:05:00

In this episode you will learn about digital forensics.
Business continuity and alternate sites

Video - 00:06:00

Business continuity ensures that business processes can continue despite interruptions. Continuity of operations (COOP), disaster recovery plans (DRPs), as well as hot, warm, and cold alternate sites are discussed.
Data backup

Video - 00:10:00

Backing data up provides availability in the event of data deletion, corruption, or encryption through ransomware. This episode discusses backup settings such as compression and encryption, as well as full, differential, and incremental backup types.
Chapter 14 exam question review

Video - 00:01:00

Incident response strives to minimize security issues as they are happening. In this episode, an incident response scenario is presented.
Autopsy forensic browser lab

Video - 00:05:00

Digital forensics is the cross-pollination of computer science and law. In this demonstration, Dan shows how to use the Autopsy forensic tool to work with a disk image to retrieve a deleted file.
Chapter 14 Ask Me Anything (AMA)

Video - 00:02:00

There is much to be learned by analyzing past security incidents. In this episode, Dan discussed the Cyber Kill Chain.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Award-winning training you can trust